class BlastsController < ApplicationController
  # GET /blasts/new
  def new
    # @user = User.find(1)
    @blast = Blast.new
    @recipients = []

    if params[:blast]
      @blast = Blast.new(params[:blast])
      if @blast.blasted_type
        obj = @blast.blasted_type.camelize.constantize.new()
        obj.id = @blast.blasted_id
        @blast.this(obj)
      end
    end

    @layout = (params[:layout]) ? false : true
    respond_to do |format|
      format.html {render :layout=>@layout} # new.html.erb
      # format.xml  { render :xml => @blast }
    end
  end

  # POST /blasts
  def create
    begin

      @layout = (params[:layout]) ? false : true

      # begin_filter automatically checks client authenticity_token against session_id + secret
      # TODO: not sure where to account for this exception:  rescue ActionController::InvalidAuthenticityToken => error
      #       http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html#M000299
      
      # create blast...
      @blast = Blast.new(params[:blast])
      
      # which user did this come from?
      # replace this with the session user.id 
      user = User.find(1)      
      # blast! saves one message for each recipient...
      # we don't need to call @blast.this(...) because it was already called during the form setup in action#new
      user.blast!(@blast.to, @blast) 
      render :text => @blast.flash_message

   rescue => error
      # TODO: display error messages if present (add these to the header? so we can pluck them on the client)
      render :action=>"new", :layout=>@layout, :status=>500
    end
  end

  # GET /blasts
  def example
    @user = User.find(1)
   #@squab = Squab.find(1)
    respond_to do |format|
      format.html {} # 
    end   
  end

  def back
    
  end

end
